Cyber Security Analyst
Isaac D Appiasam
917-***-**** Email: adxrpx@r.postjobfree.com
SUMMARY
* ***** ** *********** ******** / Cybersecurity experience
* ***** ** *****-** experience with IT Support Specialist
CERTIFICATIONS AND TRAINING
CompTIA Security +
Vulnerability Management
Coursera Cybersecurity Compliance Framework
and System Administration
Coursera Information Systems, Auditing, Controls and Assurance
Cybrary - Monitoring Network Traffic with SIEM
Cyber Foundations
SPECIALIZED SKILLS AND KNOWLEDGE
NIST Management Framework
SIEM Tools
Service Now
Security Assessment & Authorization (SA&A)
Security Control Assessment (SCA)
Risk Analysis
POA&M
Continues Monitoring
Enterprise Security
PPE Compliance
IT Integration/IT Strategy
FISMA
Security Testing Tools
Nessus, Qualys
Symantec Endpoint Protection
EXPERIENCE
Security Control Assessor/Admin/Analyst Jan 2019 - Present
SoftAfrique, Newark, NJ
As a Security Control Assessor/Admin (SCA), responsible for conducting a comprehensive assessment of the administrative, operational, and technical security controls employed within or inherited by an Automated Information System (AIS) to determine the overall effectiveness of the controls (i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system).
Conduct and Implement security controls to improve overall security posture of the organization by assessing current security situation, assessing control effectiveness, evaluating trends, and its potential impact on organization’s systems and data.
Develop and implement operational and administrative controls to support compliance policies with a goal to secure data integrity and accuracy.
Perform and maintain host and network-based security control assessments, for continual improvement in vulnerability management processes, determine any security risks, prepare assessment test reports, and take steps to remediate vulnerabilities identified.
Develop and execute security assessment plans to determine whether program-level or system-level security controls are effectively implemented according to Industry best practices, NIST Special Publications and FIPS requirements, PCI DSS and CIS Control baselines.
Regularly, with Security Engineers and other technical teams, review and develop new policies or enhance existing policies to address trends and new security challenges.
Review and analyze the findings that identify security issues on the system and compile results and findings into a final Security Assessment Report, along with assessments and recommendations for remediation.
Cyber Security Analyst Nov 2014 – Dec 2018
BIITECH Solutions IT Technology Washington, DC
Develop, review, and evaluate Security Plan based on NIST Special Publications
Work with engineers and developers to incorporate the best security safeguard and practice
Develop POA&M (Plan of Action & Milestones) document to take corrective actions resulting from ST&E (System Test & Evaluation)
Review, analyze and document scan results and ensure immediate remediation of critical and high vulnerabilities via emergency change request (CR)
Collect supporting artifacts for submission of Security Change Request (SCR) to the change management board
Review vulnerability scans and create remediation plan for weaknesses based on priorities
Developed security metrics and technical analysis to give insight into performance and trends.
Performed network troubleshooting to isolate and diagnose common problems.
Liaised with third parties to respond to security events and understand threat landscape.
Created policies and procedures for emerging security technologies and proposals.
Travelled to client sites to perform onsite testing.
Created frameworks by designing and developing technical solutions.
Designed, installed, and configured email encryption gateways with data loss prevention.
Engaged business and technology stakeholders to gather goals and requirements.
Prepared variety of different written communications, reports, and documents.
Maintained documentation of security and disaster recovery policies and procedures. Provided technical support related to security product installation and use
Collect and evaluate assessment artifacts to determine compliance with the NIST requirements
Information Technology Specialist - Consultant Aug 2012 – Oct 2014
BIITECH Solutions IT Technology Washington, DC
Provide support for the Information Technology (IT) Help Desk.
Image new computers and ensure that all configurations and settings meet organizational standards.
Work with the help desk support staff to triage IT issues and record them in ticket tracking system.
Prioritize issues based on standard operating procedures and service level agreements.
Follow standard operating procedures to resolve customer questions/problems concerning automation systems, software/hardware issues, password security violations, telecommunication troubles and work orders
Installs, maintains, repairs and replaces IT hardware and office productivity software, including network devices, servers, storage (SAN) and backup systems.
Setup and support of end user computers, other devices (e.g., printers, scanners, mobile devices), and office productivity software; ensure access controls for end user operations; ensures computer images are those built by Windows. Oversees the development and maintenance of Helpdesk ticketing, problem resolution, and asset tracking systems in support of help desk operations.
Develop, coordinate, and assist in the operation of IT equipment.
Point of contact and responsible person when setting up new offices with IT systems or expanding existing offices or refreshing computers and other end user devices.
Install new software versions and updates and configure hardware and/or user systems for effective integration of software systems
Perform upgrades of hardware to include memory, fix storage, and install network interface cards (NIC) or enhancement cards
Interact with users to ensure proper operation of computer systems, hardware, and software.
Automate repetitive tasks such as ghosting software images and software.
INFORMATION TECHNOLOGY COMPETENCY
Technical support
Firewalls
VMware
Microsoft Active Directory
Authentication
Switches and Routers
Windows OS
Polycom systems
VPNs and IP connectivity
Local Area Networks
Networking and Telephony
SharePoint